CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41190 – SAP 3D Visual Enterprise Viewer DXF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-41190
11 Oct 2022 — Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo manipulado de AutoCAD (.dxf, TeighaTr... • https://launchpad.support.sap.com/#/notes/3245928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41197 – SAP 3D Visual Enterprise Viewer WRL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41197
11 Oct 2022 — Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application. Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo VRML Worlds manipulado (.wrl, vrml.x3d) recibido de fuentes no confiables en SAP 3D Visual Enterpris... • https://launchpad.support.sap.com/#/notes/3245928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39803 – SAP 3D Visual Enterprise Author SAT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-39803
11 Oct 2022 — Due to lack of proper memory management, when a victim opens a manipulated ACIS Part and Assembly (.sat, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo manipulado ACIS Part ... • https://launchpad.support.sap.com/#/notes/3245929 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-39013
https://notcve.org/view.php?id=CVE-2022-39013
11 Oct 2022 — Under certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the attacker to modify system data and make the system unavailable leading to high impact on confidentiality and low impact on integrity and availability of the application. Bajo determinadas condiciones, un atacante autenticado puede obtener acceso a las credenciales del Sistema Operativo. Obtener acceso a las credenciales del Sistema Operativo permite al atacante modificar los dato... • https://launchpad.support.sap.com/#/notes/3229132 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-39015
https://notcve.org/view.php?id=CVE-2022-39015
11 Oct 2022 — Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted. Bajo determinadas condiciones, BOE AdminTools/ BOE SDK permite a un atacante acceder a información que de otro modo estaría restringida • https://launchpad.support.sap.com/#/notes/3239293 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41185
https://notcve.org/view.php?id=CVE-2022-41185
11 Oct 2022 — Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, MataiPersistence.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo manipulado Visual Design... • https://launchpad.support.sap.com/#/notes/3245929 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41168 – SAP 3D Visual Enterprise Author CATPart File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41168
11 Oct 2022 — Due to lack of proper memory management, when a victim opens a manipulated CATIA5 Part (.catpart, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo manipulado de CATIA5 Part (.ca... • https://launchpad.support.sap.com/#/notes/3245929 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41183 – SAP 3D Visual Enterprise Author CUR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41183
11 Oct 2022 — Due to lack of proper memory management, when a victim opens manipulated Windows Cursor File (.cur, ico.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application. Debido a una falta de una administración apropiada de la memoria, cuando una víctima abre un archivo Windows Cursor File manipulado (.cur, ico.x3d) recibido de fuentes no confiables en SAP 3D ... • https://launchpad.support.sap.com/#/notes/3245929 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41175 – SAP 3D Visual Enterprise Author EMF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41175
11 Oct 2022 — Due to lack of proper memory management, when a victim opens a manipulated Enhanced Metafile (.emf, emf.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo Enhanced Metafile (.emf, emf.x3d) manipu... • https://launchpad.support.sap.com/#/notes/3245929 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-41186 – SAP 3D Visual Enterprise Viewer CGM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41186
11 Oct 2022 — Due to lack of proper memory management, when a victim opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, a Remote Code Execution can be triggered when payload forces a stack-based overflow and or a re-use of dangling pointer which refers to overwritten space in memory. Debido a una falta de administración apropiada de la memoria, cuando una víctima abre un archivo manipulado Computer Graphics Metafile (.cgm, ... • https://launchpad.support.sap.com/#/notes/3245928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •